############################################
DirectoryIndex index.php

<IfModule mod_rewrite.c>
    Options +FollowSymLinks
    RewriteEngine on

    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
    RewriteRule .* - [L,R=405]

    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-l

    RewriteRule .* index.php [L]
</IfModule>

AddDefaultCharset Off
AddType 'text/html; charset=UTF-8' html

<Files RELEASE_NOTES.txt>
    Require all denied
</Files>

<Files .htaccess>
    Require all denied
</Files>

<Files cron.php>
    Require all denied
</Files>

<Files .user.ini>
    Require all denied
</Files>

ErrorDocument 404 /errors/404.php
ErrorDocument 403 /errors/404.php

<IfModule mod_headers.c>
    Header set X-UA-Compatible "IE=edge"

    <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
        Header unset X-UA-Compatible
    </FilesMatch>

    Header set X-Frame-Options SAMEORIGIN
</IfModule>

<IfModule mod_expires.c>
    ExpiresDefault "access plus 1 year"
    ExpiresByType text/html A0
    ExpiresByType text/plain A0
</IfModule>

<IfModule mod_deflate.c>
</IfModule>

<IfModule mod_ssl.c>
    SSLOptions StdEnvVars
</IfModule>